Description |
1 online resource |
Series |
American Political, Economic, and Security Issues |
|
American political, economic, and security issues series.
|
Contents |
INFORMATION SECURITY ACROSS FEDERAL AGENCIES ANALYSIS OF ADEQUACY AND EFFECTIVENESS ; INFORMATION SECURITY ACROSS FEDERAL AGENCIES ANALYSIS OF ADEQUACY AND EFFECTIVENESS ; CONTENTS ; PREFACE ; Chapter 1 FEDERAL INFORMATION SECURITY: AGENCIES NEED TO CORRECT WEAKNESSES AND FULLY IMPLEMENT SECURITY PROGRAMS* ; WHY GAO DID THIS STUDY ; WHAT GAO RECOMMENDS ; WHAT GAO FOUND ; ABBREVIATIONS ; BACKGROUND ; New FISMA Requirements Clarify Roles and Responsibilities ; CONTINUED WEAKNESSES PLACE FEDERAL AGENCIES' INFORMATION AND INFORMATION SYSTEMS AT RISK |
|
Number of Incidents Reported by Federal Agencies Continues to Increase ; Cybersecurity Deficiencies Continue to Place Systems at Risk ; Agencies Exhibited Weaknesses in All Major Categories of Controls ; Most Agencies Had Weaknesses in Access Controls ; Agencies Did Not Fully Implement Controls for Configuration Management ; More Than Half of the Agencies Did Not Segregate Incompatible Duties ; Agencies Had Weaknesses in Continuity of Operations ; Agencies Did Not Effectively Manage Security ; We and Inspectors General Recommended Actions to Strengthen Information Security |
|
Federal Efforts Are Underway to Improve Security ; Cybersecurity Cross-Agency Priority Goals ; The National Cybersecurity Protection System (NCPS) ; The Continuous Diagnostics and Mitigation (CDM) Program ; The National Initiative for Cybersecurity Education (NICE) ; The Federal Risk and Authorization Management Program (FedRAMP) ; The Cyber and National Security Team (E-Gov Cyber) ; The 30-Day Cybersecurity Sprint ; AGENCIES' IMPLEMENTATION OF FISMA 2002 REQUIREMENTS WAS MIXED ; More Agencies Implemented Risk Management Activities ; Most Agencies Had Documented Policies and Procedures |
|
Number of Agencies with Sufficient Security Planning Decreased ; Number of Agencies Providing Sufficient Security Awareness Decreased and the Percentage of Personnel Receiving Specialized Training Decreased ; Fewer Agencies Are Periodically Testing and Continuously Monitoring Controls ; Increasing Number of Agencies are Generally Implementing Elements of a Remediation Program, but Weaknesses Remain ; Agencies' Efforts to Implement Incident Response and Reporting Varied ; Fewer Agencies Had Adequate Contingency Plans |
|
Agencies Reported Operating Fewer Systems and Relying More on Contractor-Operated Systems ; More Agencies Implemented Privacy Requirements ; Amount of Spending on Information Security Varied Among Agencies ; NIST Continues to Provide FISMA-Related Guidance to Agencies ; Inspectors General Report on Agency Implementation of FISMA ; OMB and DHS Continue Actions, but Opportunities Remain for Improving Annual Reporting of Agency Information Security Programs ; Guidance for Reporting Agency Evaluations Was Not Always Complete ; CONCLUSION ; RECOMMENDATION FOR EXECUTIVE ACTION |
Notes |
Includes index |
|
Print version record |
Subject |
Cyber intelligence (Computer security) -- United States
|
|
COMPUTERS -- Security -- General.
|
|
Cyber intelligence (Computer security)
|
|
United States
|
Form |
Electronic book
|
Author |
Palmer, Shane, editor
|
LC no. |
2020679053 |
ISBN |
9781634849531 |
|
1634849531 |
|